FUD (Fear, Uncertainty and Doubt) seems to abound at the moment, with a report claiming that there is a secret back-door in BT FTTC modems allowing US DoD / NSA / GCHQ access.

The BT FTTC modems do have a management VLAN for TR-069, allowing them to be upgraded and allowing BT to do things like line tests. This is pretty standard practice and no surprise to anyone.

The hype appears to stem from the fact that BT have used an un-routed block of IP addresses for that management LAN, a block that is assigned to the US Department of Defense, 30.x.x.x. This is not uncommon for private management LANs in large networks and does not mean there is any link to the US DoD. It is just a number they picked, and because the block does not clash with anything in their network or with any normal private addresses, it is a reasonably sensible choice.
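The addressing argument above can be checked mechanically. This is an added example, not code from the original post or from BT: it classifies an address seen on a management interface and tests a candidate management block for overlap with ranges already in use. The announced-prefix table and the `IN_USE` ranges are constructed samples, and treating 30.0.0.0/8 as unannounced follows the post's description of it as un-routed.

```python
import ipaddress

# Address space that customers and operators commonly use privately.
RFC1918 = [ipaddress.IPv4Network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
RFC6598 = ipaddress.IPv4Network("100.64.0.0/10")  # carrier-grade NAT shared space

# Constructed sample of globally announced prefixes, NOT a real BGP snapshot.
SAMPLE_ANNOUNCED = [ipaddress.IPv4Network(n) for n in
                    ("8.8.8.0/24", "1.1.1.0/24")]

# Hypothetical ranges already in use on customer LANs and operator systems.
IN_USE = ["192.168.1.0/24", "10.0.0.0/24", "172.16.0.0/16", "100.64.0.0/10"]


def classify(addr, announced=SAMPLE_ANNOUNCED):
    """Classify an IPv4 address seen on a management interface."""
    ip = ipaddress.IPv4Address(addr)
    if any(ip in net for net in RFC1918):
        return "rfc1918-private"
    if ip in RFC6598:
        return "rfc6598-shared"
    if not ip.is_global:
        return "special-purpose"  # loopback, link-local, documentation, ...
    if any(ip in net for net in announced):
        return "publicly-routed"
    # Registered to someone, but no covering route in the supplied table:
    # packets to it stay inside the network that uses the block internally.
    return "registered-but-unannounced"


def clashes(block, in_use=IN_USE):
    """Return the in-use networks that overlap a candidate management block."""
    candidate = ipaddress.IPv4Network(block)
    return [n for n in in_use if candidate.overlaps(ipaddress.IPv4Network(n))]


if __name__ == "__main__":
    for a in ("30.1.2.3", "10.0.0.1", "8.8.8.8"):
        print(a, "->", classify(a))
    print("30.0.0.0/8 clashes with:", clashes("30.0.0.0/8"))
    print("10.0.0.0/8 clashes with:", clashes("10.0.0.0/8"))
```

To audit a real device, replace `SAMPLE_ANNOUNCED` with prefixes from a current routing-table snapshot; the classification is only as accurate as that table.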

The paper in question presents no evidence that BT modems have secret spy back doors. Yes, BT could change the firmware in the modem, and could add all sorts if they wanted, just as they could add something to the DSLAM or BRAS or any part of their network. If they did, then they would most likely be found out and a real paper on the issue with actual evidence would be published.

We see no evidence of any deliberate tampering with any packets across the BTW back-haul network, either in the modem or elsewhere.

